Advancement of the communication industry has created various value-added services utilizing networks which are represented by the Internet. The network based value-added services permitted many users to easily share information through its collections and deliveries.
Using the network based services frequently involves deliveries of personally classified information which is increasingly vulnerable to be exposed to third parties. Therefore, there is a practical need to provide different protection methods for securing personal information transmitted on the networks.
A generally used security measure of protecting the personal information is to encrypt and send it by a security key prearranged between the sender and the receiver. Other security techniques being used are based on a certificate issued from public offices or others for the purpose of banking and payment services over the Internet.
In the above example to protect the personal information using the security key, the security key for use between the sender and receiver is necessarily prearranged. For this purpose of making an agreement for the usable security key between the parties, there is a required procedure for the key sharing.
This sharing of the security key involves an indispensable procedure of transmitting information needed for the security key sharing to and from the sender and receiver. This may open an opportunity for intermediate attackers or men in the middle attack to snatch the security sharing information off the networks.
So, in order to provide diverse value-added services worry free, a scheme for the security key sharing that can provide the users with a convenience as well as the elimination of an exposure of personal information is urgently needed.